mirror of
https://github.com/LemmyNet/lemmy.git
synced 2024-11-27 03:41:02 +00:00
Removing checking permissions when editing posts and comments. (#2727)
* Removing checking permissions when editing posts and comments. Fixes #2714 * Running cargo fmt again. * Adding back in community ban checks.
This commit is contained in:
parent
956d0aa52f
commit
8a27978ee1
2 changed files with 1 additions and 12 deletions
|
@ -5,8 +5,6 @@ use lemmy_api_common::{
|
||||||
context::LemmyContext,
|
context::LemmyContext,
|
||||||
utils::{
|
utils::{
|
||||||
check_community_ban,
|
check_community_ban,
|
||||||
check_community_deleted_or_removed,
|
|
||||||
check_post_deleted_or_removed,
|
|
||||||
get_local_user_view_from_jwt,
|
get_local_user_view_from_jwt,
|
||||||
is_mod_or_admin,
|
is_mod_or_admin,
|
||||||
local_site_to_slur_regex,
|
local_site_to_slur_regex,
|
||||||
|
@ -50,15 +48,12 @@ impl PerformCrud for EditComment {
|
||||||
let comment_id = data.comment_id;
|
let comment_id = data.comment_id;
|
||||||
let orig_comment = CommentView::read(context.pool(), comment_id, None).await?;
|
let orig_comment = CommentView::read(context.pool(), comment_id, None).await?;
|
||||||
|
|
||||||
// TODO is this necessary? It should really only need to check on create
|
|
||||||
check_community_ban(
|
check_community_ban(
|
||||||
local_user_view.person.id,
|
local_user_view.person.id,
|
||||||
orig_comment.community.id,
|
orig_comment.community.id,
|
||||||
context.pool(),
|
context.pool(),
|
||||||
)
|
)
|
||||||
.await?;
|
.await?;
|
||||||
check_community_deleted_or_removed(orig_comment.community.id, context.pool()).await?;
|
|
||||||
check_post_deleted_or_removed(&orig_comment.post)?;
|
|
||||||
|
|
||||||
// Verify that only the creator can edit
|
// Verify that only the creator can edit
|
||||||
if local_user_view.person.id != orig_comment.creator.id {
|
if local_user_view.person.id != orig_comment.creator.id {
|
||||||
|
|
|
@ -4,12 +4,7 @@ use lemmy_api_common::{
|
||||||
context::LemmyContext,
|
context::LemmyContext,
|
||||||
post::{EditPost, PostResponse},
|
post::{EditPost, PostResponse},
|
||||||
request::fetch_site_data,
|
request::fetch_site_data,
|
||||||
utils::{
|
utils::{check_community_ban, get_local_user_view_from_jwt, local_site_to_slur_regex},
|
||||||
check_community_ban,
|
|
||||||
check_community_deleted_or_removed,
|
|
||||||
get_local_user_view_from_jwt,
|
|
||||||
local_site_to_slur_regex,
|
|
||||||
},
|
|
||||||
websocket::{send::send_post_ws_message, UserOperationCrud},
|
websocket::{send::send_post_ws_message, UserOperationCrud},
|
||||||
};
|
};
|
||||||
use lemmy_db_schema::{
|
use lemmy_db_schema::{
|
||||||
|
@ -68,7 +63,6 @@ impl PerformCrud for EditPost {
|
||||||
context.pool(),
|
context.pool(),
|
||||||
)
|
)
|
||||||
.await?;
|
.await?;
|
||||||
check_community_deleted_or_removed(orig_post.community_id, context.pool()).await?;
|
|
||||||
|
|
||||||
// Verify that only the creator can edit
|
// Verify that only the creator can edit
|
||||||
if !Post::is_post_creator(local_user_view.person.id, orig_post.creator_id) {
|
if !Post::is_post_creator(local_user_view.person.id, orig_post.creator_id) {
|
||||||
|
|
Loading…
Reference in a new issue